Commit Graph

49 Commits (24e7d89ac9b11ebb0ceae63a997a22501eca157b)

Author SHA1 Message Date
Daniel Plohmann 02710714bd add APT33 as identified by FireEye 2017-09-29 11:43:38 +02:00
Daniel Plohmann 355a230182 added FIN7 as alias for anunak 2017-08-01 13:29:57 +02:00
Daniel Plohmann b4e49823dd merged barium into axiom (only one redundant reference given) 2017-08-01 13:13:56 +02:00
Raphaël Vinot 282c3a8101 Merge pull request #74 from Delta-Sierra/master
adding clusters based on MISP data
2017-07-26 11:41:00 +02:00
Deborah Servili 7e59f14dca update Spring Dragon threat actor 2017-07-26 09:21:36 +02:00
Raphaël Vinot 8598210895 Remove empty string. 2017-07-25 18:02:11 +02:00
Alexandre Dulaunoy a295d40589 Cobalt gang added 2017-07-08 10:16:11 +02:00
Alexandre Dulaunoy c0786dfb22 El Machete added 2017-06-26 11:44:46 +02:00
Alexandre Dulaunoy dd2a51037a jq all ;-) 2017-06-20 20:34:04 +02:00
Jaime f92b9cb710 Added FIN8 actor 2017-06-20 11:28:32 -07:00
David André 3dfbb7e1d0 Added Symantec alias for sofacy 2017-06-16 11:22:17 +02:00
danielplohmann 5724f19873 Merge branch 'master' into hidden-cobra-lazarus 2017-06-15 14:13:50 +02:00
Daniel Plohmann (jupiter) f7963c9a8c added Hidden Cobra as alias for Lazarus Group 2017-06-15 14:09:29 +02:00
Daniel Plohmann ff4f428bc1 added ELECTRUM to threat-actor.json (afaik not confirmed as an alias atm) 2017-06-13 13:25:16 +02:00
Daniel Plohmann 9924a8875c added PLATINUM to threat-actor.json (afaik not confirmed as an alias atm) 2017-06-13 13:21:10 +02:00
Alexandre Dulaunoy 91663c4793 Merge pull request #58 from danielplohmann/wildneutron
added WildNeutron (Morph, Butterfly, Sphinx Moth)
2017-06-06 10:02:56 +02:00
Deborah Servili aa34718b13 edit threat actor - should fix #59 and #60 2017-06-06 08:40:29 +02:00
Daniel Plohmann (jupiter) 068dc40a78 added WildNeutron (Morph, Butterfly, Sphinx Moth) 2017-06-05 19:13:27 +02:00
David André 83833f257c Added synonyms for APT10 and one for APT1 2017-06-02 10:26:45 +02:00
Alexandre Dulaunoy fab863933e SilverTerrier added 2017-05-30 08:40:26 +02:00
Alexandre Dulaunoy 5da5df6384 APT32 added 2017-05-15 09:18:28 +02:00
Déborah Servili 531595c944 ##comma## 2017-04-14 14:52:23 +02:00
Déborah Servili 54512eb840 Add some tools/threat actor 2017-04-14 14:48:39 +02:00
Alexandre Dulaunoy bbf6716c73 Longhorn (CIA) added 2017-04-10 20:22:57 +02:00
nyx0 78cdb10aae Add new Sednit name according to https://www.secureworks.com/research/iron-twilight-supports-active-measures 2017-03-31 09:28:50 -04:00
chrisdoman dbf989c742 Added descriptions and reference to threat-actor json 2017-03-22 12:52:05 +00:00
Raphaël Vinot e1b5701351 JQ all the things 2017-03-16 17:31:43 +01:00
Raphaël Vinot 0d8d265319 Fix typo. 2017-03-16 17:27:17 +01:00
CERT-Bund 4112a041f7 Added groups, joined groups, added synonyms (see extended description)
Added: HammerPanda, Barium, Infy, Sima, Groundbait
Joined: StrongPity and Promethium
Synonyms: Lead as Winnti, Moonlight as MoleRats, FalloutTeam as DarkHotel, DustStorm as StonePanda, Skipper and Popeye as Pacifier
2017-03-16 17:02:55 +01:00
Alexandre Dulaunoy e002e62204 missing \n at the end of the file 2017-03-01 14:55:45 +01:00
Chris Doman 9e5c983a65 Ran jq 2017-03-01 13:24:00 +00:00
Chris Doman e934f88b3b Added references
Mostly added references to existing groups
Capitalised DarkHotel, put a space in APT30 default name (the others
had that)
2017-03-01 12:53:52 +00:00
Alexandre Dulaunoy a224c7ce5e add: Gamaredon Group added 2017-02-28 09:17:33 +01:00
Christophe Vandeplas 048b831f53 minor correction 2017-02-27 11:00:48 +01:00
Thanat0s 3774f05237 Somes alias fetch from : https://attack.mitre.org/wiki/Groups 2017-02-26 23:07:42 +01:00
Raphaël Vinot 7db66e05dd Strict schema, update clusters accordingly 2017-02-14 11:34:59 +01:00
Raphaël Vinot 910398fe76 Fix validation, remove duplicate. 2017-02-13 18:52:54 +01:00
Alexandre Dulaunoy abca7a02d0 Greenbug added 2017-01-23 16:20:09 +01:00
Alexandre Dulaunoy 19406277d4
Equation Group added 2017-01-13 08:23:03 +01:00
Alexandre Dulaunoy 649c043ad2
Import manually cert-eu contribution
- Fix the meta attributes (like the motive field ) to be within meta and not
   outside
 - Remove some "null" values that seems to come from previous tests
 - Pretty-print the Javascript (better for diffing)
2017-01-09 23:07:57 +01:00
Alexandre Dulaunoy a6cb478a3b Separate APT30 from Naikon group 2017-01-06 22:26:53 +01:00
Alexandre Dulaunoy ea9ebaf5d6 PassCV group added 2017-01-06 13:51:22 +01:00
Alexandre Dulaunoy c3364add3c Cadelle and Chafer groups added 2017-01-06 13:25:30 +01:00
Alexandre Dulaunoy c38f62ae12 Packrat added 2016-12-30 12:47:47 +01:00
Alexandre Dulaunoy d37db31a75 Operation Iron Tiger added as synonym 2016-12-17 09:51:13 +01:00
Alexandre Dulaunoy 3deb47a9c8 Molerats, PROMETHIUM and NEODYMIUM added 2016-12-17 09:40:47 +01:00
Alexandre Dulaunoy ff17ac998e TeleBots group added 2016-12-13 19:37:30 +01:00
Alexandre Dulaunoy 3a657ace36 TERBIUM added 2016-12-13 09:11:16 +01:00
Alexandre Dulaunoy d834ec1f52 Singular everywhere 2016-12-04 17:37:29 +01:00